The Clorox Cognizant lawsuit has revealed shocking new claims about the bleach giant’s 2023 data breach. Clorox is suing IT vendor Cognizant for allegedly handing hackers access to its network—no phishing, no malware, just plain old password giveaways.

The attack, carried out by the Scattered Spider ransomware group, caused widespread chaos. According to court documents, Cognizant employees gave up credentials simply because someone asked.


A Breach Without Hacking

In the California lawsuit, Clorox accuses multiple Cognizant support agents of providing login credentials to attackers during support calls. The suit says the gang didn’t use technical exploits—they just impersonated employees and asked for help.

One conversation, seen by Reuters, reportedly included this exchange:

Hacker: “I don’t have a password, so I can’t connect.”
Cognizant employee: “Oh, OK. So let me provide the password to you, OK?”

In other cases, hackers asked for password resets and got them—without any identity checks. Clorox says no social engineering was needed. No malware. Just a phone call.


Damages and Business Disruption

Clorox says the breach caused $380 million in damages:

  • $330 million linked to disrupted supply chains and halted shipments
  • $50 million in restoration and mitigation costs

The company struggled for weeks to resume operations. It also blames Cognizant for:

  • Not deactivating compromised accounts
  • Failing to restore essential data

Scattered Spider Strikes Again

Scattered Spider is a Russia-linked ransomware group known for brazen attacks on major corporations. The gang previously:

  • Infiltrated MGM Grand and Caesars International
  • Targeted Marks & Spencer, Harrods, and Co-op

The group is now suspected in the Hawaiian Airlines breach in June 2025.

The group typically poses as IT support, preying on outsourced help desks and third-party contractors.


A Pattern of Failure

Clorox’s lawsuit argues this breach wasn’t a sophisticated cyberattack—it was human error.

“Cognizant was not duped by any elaborate ploy,” the lawsuit reads.
“The cybercriminal just called the help desk, asked for credentials, and Cognizant handed them over.”

Despite repeated security incidents involving third-party firms, many companies still rely on external IT providers with broad access to sensitive networks.

Cognizant has yet to comment on the allegations.


Conclusion

The Clorox Cognizant lawsuit is a harsh reminder that even billion-dollar businesses can crumble from a single careless conversation. With hackers no longer needing zero-days to breach companies, basic verification and secure credential handling have never been more critical.

